tcpdump to capture irule processing

Question

Hey All&nbsp;
A quick question, tcpdump helps capture packets going in &amp; out on an IP configured part of the Big-IP config. Do we have a specific syntax of tcpdump which can be used to see how an irule is processing traffic / redirecting traffic to certain pool. &nbsp;
This is in respect irule for Exchange F5 config which does involve irule directing the traffic to certain pool based on service call ( oab /rpc / ews /autodiscover /) .&nbsp;
Please let me know your inputs/suggestions /thoughts&nbsp;

jaikumar_f5 · Answer

I aint sure that there's one as Irule deals with events,condition and action.
You can use log local0. "your statement to see if its executed".

boneyard · Answer

this article show how to enable extra information in the tcpdump: https://support.f5.com/csp/article/K13637&nbsp;
will this do what you want, i doubt it. i also don't see how that would work, from a tcpdump output point of view i don't see where should information would belong.&nbsp;

p_k · Answer

It depends on how often that irule is running. log local0. logs to your local appliance which will have the slightest possible impact. I wouldn't worry about this.  
yes.. you should see logs at /var/log/ltm or from GUI.( System -&gt; Logs -&gt; Local traffic)  
Nothing specific.  
Not that i know of. But you will do see redirects in the TCPDUMP by enabling advanced options.

Forum Discussion

tcpdump to capture irule processing

Recent Discussions

NAT for specific IPs

Upgrading BIGIP 2000S to R2600

TS Declarations for DNS

how to view list os client support via cli

automatic learning logs/report ?

Related Content

Tcpdump Capture

decrypted tcpdump capture without using an iRule using tshark

Decrypting BIG-IP Packet Captures without iRules

Decrypting BIG-IP Packet Captures Automatically

Automating Packet Captures on BIG-IP

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS